﻿using System;
using System.Collections;
using System.Configuration;
using System.Data;
using System.Linq;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.HtmlControls;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Xml.Linq;
using System.Data.SqlClient;

public partial class NewAccount : System.Web.UI.Page
{
	SqlConnection cn;
	
	protected void Page_Load(object sender, EventArgs e)
    {
		if (Session["sqlConnection"] == null)
			Response.Redirect("StsLogin.aspx");
		else
			cn = (SqlConnection)Session["sqlConnection"];
	}
	protected void Button2_Click(object sender, EventArgs e)
	{
		try
		{
			SqlCommand cmd = new SqlCommand("insert into Users (username, pw) values (@un, pwdencrypt(@pw))"
				+" select @@identity as 'identity'", cn);

			cmd.Parameters.Add("@un", SqlDbType.VarChar, 50).Value = txtUserName.Text;
			cmd.Parameters.Add("@pw", SqlDbType.VarChar, 50).Value = txtPassword.Text;

			if (cn.State == ConnectionState.Closed)
				cn.Open();

			Session["user_id"] = cmd.ExecuteScalar().ToString();
			Session["username"] = txtUserName.Text;
			Response.Redirect("StsManager.aspx");
		}
		catch (Exception ex)
		{
			MessageBox.Show(ex.Message);
		}
		finally
		{
			cn.Close();
		}
	}
}
